Log message:
Make trusted facts work with the webrick server as well as make them
available when using ruby unicorn behind apache or nginx.
Using unicorn behind apache you need to add header:
RequestHeader set X-SSL-Client-Cert %{SSL_CLIENT_CERT}e
Using unicorn behind nginx, you need to run nginx-lua flavor, then
you need:
location / {
set_by_lua $client_cert "return ngx.var.ssl_client_raw_cert:gsub('\\n',' ')";
proxy_set_header X-SSL-Client-Cert $client_cert;
}
OK jasper@ (MAINTAINER)

Log message:
Make trusted facts work with the webrick server as well as make them
available when using ruby unicorn behind apache or nginx.
Using unicorn behind apache you need to add header:
RequestHeader set X-SSL-Client-Cert %{SSL_CLIENT_CERT}e
Using unicorn behind nginx, you need to run nginx-lua flavor, then
you need:
location / {
set_by_lua $client_cert "return ngx.var.ssl_client_raw_cert:gsub('\\n',' ')";
proxy_set_header X-SSL-Client-Cert $client_cert;
}
OK jasper@ (MAINTAINER)

Log message:
Make trusted facts work with the webrick server as well as make them
available when using ruby unicorn behind apache or nginx.
Using unicorn behind apache you need to add header:
RequestHeader set X-SSL-Client-Cert %{SSL_CLIENT_CERT}e
Using unicorn behind nginx, you need to run nginx-lua flavor, then
you need:
location / {
set_by_lua $client_cert "return ngx.var.ssl_client_raw_cert:gsub('\\n',' ')";
proxy_set_header X-SSL-Client-Cert $client_cert;
}
OK jasper@ (MAINTAINER)

Log message:
pkg_add doesn't set a non-zero return value upon failure, so check it's output
to determine if a package cannot be installed and fail hard if that's the case
instead of stating the package was succesfully installed.
ok sebastia@

Log message:
pkg_add doesn't set a non-zero return value upon failure, so check it's output
to determine if a package cannot be installed and fail hard if that's the case
instead of stating the package was succesfully installed.
ok sebastia@

Log message:
in the service provider, stop using 'rcctl getall' in favor of 'ls all' in
combination with 'get $svc flags'. this shaves several seconds off a regular
puppet run, and over 50% on 'puppet resource service'.
as discussed with aja@
also tested by sebastia@

Log message:
in the service provider, stop using 'rcctl getall' in favor of 'ls all' in
combination with 'get $svc flags'. this shaves several seconds off a regular
puppet run, and over 50% on 'puppet resource service'.
as discussed with aja@
also tested by sebastia@

Log message:
Remove unnecessary dependency on ruby-json.
The json library is shipped with ruby 1.9+, and these ports support the
json library that comes with ruby. While here, remove some
MODRUBY_ICONV_DEPENDS as those only are necessary on ruby 1.8.
OK jasper@

Log message:
Better handling of package flavors, treat flavors as properties instead
of a parameter to the resources. Fixes detection of installed package flavors,
and adds the flavor of a package to "puppet resource package" output.
Better handling of service_flags on service configuration, now allow to configure/set
flags before starting a service the first time. That makes services work that require
parameters to start up, and prevents services from running with wrong parameters.
OK jasper@

Log message:
Better handling of package flavors, treat flavors as properties instead
of a parameter to the resources. Fixes detection of installed package flavors,
and adds the flavor of a package to "puppet resource package" output.
Better handling of service_flags on service configuration, now allow to configure/set
flags before starting a service the first time. That makes services work that require
parameters to start up, and prevents services from running with wrong parameters.
OK jasper@

Log message:
Better handling of package flavors, treat flavors as properties instead
of a parameter to the resources. Fixes detection of installed package flavors,
and adds the flavor of a package to "puppet resource package" output.
Better handling of service_flags on service configuration, now allow to configure/set
flags before starting a service the first time. That makes services work that require
parameters to start up, and prevents services from running with wrong parameters.
OK jasper@

Log message:
Better handling of package flavors, treat flavors as properties instead
of a parameter to the resources. Fixes detection of installed package flavors,
and adds the flavor of a package to "puppet resource package" output.
Better handling of service_flags on service configuration, now allow to configure/set
flags before starting a service the first time. That makes services work that require
parameters to start up, and prevents services from running with wrong parameters.
OK jasper@

Log message:
use the more standard way to execute something that may fail with execute()
and :failonfail => false
confirmed by sebastia@ not to cause any regressions
this doesn't fix "puppet resource service" however

Log message:
use the more standard way to execute something that may fail with execute()
and :failonfail => false
confirmed by sebastia@ not to cause any regressions
this doesn't fix "puppet resource service" however

Log message:
ensure we restart a service after the flags have been changed
NB: this does not yet fix the situation where a service is started before
it's flags have been written out to rc.conf.local
tested by sebastia@

Log message:
ensure we restart a service after the flags have been changed
NB: this does not yet fix the situation where a service is started before
it's flags have been written out to rc.conf.local
tested by sebastia@

Log message:
- add a new provider for user/group management on openbsd, so we don't have
to add exceptions for openbsd all over the generic provider.
- unbreak account expiration while here
additional testing by sebastia@

Log message:
- add a new provider for user/group management on openbsd, so we don't have
to add exceptions for openbsd all over the generic provider.
- unbreak account expiration while here
additional testing by sebastia@

Log message:
- add a new provider for user/group management on openbsd, so we don't have
to add exceptions for openbsd all over the generic provider.
- unbreak account expiration while here
additional testing by sebastia@

Log message:
- add a new provider for user/group management on openbsd, so we don't have
to add exceptions for openbsd all over the generic provider.
- unbreak account expiration while here
additional testing by sebastia@

Log message:
- add a new provider for user/group management on openbsd, so we don't have
to add exceptions for openbsd all over the generic provider.
- unbreak account expiration while here
additional testing by sebastia@

Log message:
- usermod -G doesn't mean what puppet thinks it means, so use -S so actually
set groups. this allows puppet to revoke group membership for a user.
- make 'chage' and 'password' optional commands
reminded and tested by sebastia@

Log message:
- usermod -G doesn't mean what puppet thinks it means, so use -S so actually
set groups. this allows puppet to revoke group membership for a user.
- make 'chage' and 'password' optional commands
reminded and tested by sebastia@

Log message:
- usermod -G doesn't mean what puppet thinks it means, so use -S so actually
set groups. this allows puppet to revoke group membership for a user.
- make 'chage' and 'password' optional commands
reminded and tested by sebastia@